Secure Florida offers...
- Security Alerts
- C-Safe Classes
- News and Info
create an account
Unlike viruses, worms do not infect specific files. They are like parasites; worms exploit known system vulnerabilities and often run malicious payloads - without the need for a user to activate them. A worm can be programmed to replicate itself multiple times on the same computer, or can send itself to other computers via the Internet.
Another way worms differ from viruses is that they do not require user action in order to activate. A worm will "self-replicate" and spread without the user clicking on an infected file, visiting a malicious "drive-by" web site, or anything else. Consequently, they are often able to spread faster than viruses. The SQL Slammer worm, released on January 25, 2003, was able to spread across the world in 11 minutes.
Commonly worms stay hidden until their uncontrolled replication consumes system resources, slowing or halting other tasks. Frequently the malicious payload of a worm will be activated only when certain conditions are met—like a specific date or time. The MSBlaster worm, for example, was designed so that infected computers would launch a distributed denial of service attack against Microsoft on August 16, 2003.
Worm Detection and Prevention Tips
If you don't already have virus protection software on your machine, you should. Antivirus software will detect and remove malicious worm infections. Although originally named for its virus-hunting capabilities, antivirus software in fact offers protection from all types of malware. If you're a home or individual user, you should install the latest antivirus software for your personal computer. If you're on a network, check with your network administrator first.
Scan your system regularly.
If you're loading antivirus software for the first time, let it scan your entire system. Often, the antivirus program can be set to scan each time the computer is rebooted or on a periodic schedule. Some will scan in the background ("real time") while you are connected to the Internet. Make it a regular habit to scan for viruses.
Keep your system patched.
In order for worms to spread, they must exploit existing software vulnerabilities. When vulnerabilities are discovered, software companies release patches to fix them. If you don't apply the patch then you aren't protected: it's as simple as that. The patch that would have protected users against the SQL Slammer worm was released six months before the worm was unleashed on the Internet.
Update your anti-virus software.
Now that you have virus protection software installed, make sure it's up to date. Most anti-virus programs have a feature that will automatically link to the Internet and add new virus detection definitions whenever the software vendor discovers a new threat.
There are new virus and security alerts almost every day. Keep up-to-date on breaking viruses and solutions. Remember that the bad guys are going to try to use social engineering to exploit you. Staying informed is the perfect countermeasure against that.
Carnegie Mellon University's CERT® Program has useful information on how to install and use antivirus programs.